diff options
author | Andy Lutomirski <luto@kernel.org> | 2016-05-27 12:57:02 -0700 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2016-06-14 10:54:39 -0700 |
commit | 2f275de5d1ed7269913ef9b4c64a13952c0a38e8 (patch) | |
tree | 0151774ac6f2d8d8e89cc3402fc57ab8918bf610 /include/linux/seccomp.h | |
parent | 58d0a862f573c3354fa912603ef5a4db188774e7 (diff) | |
download | lwn-2f275de5d1ed7269913ef9b4c64a13952c0a38e8.tar.gz lwn-2f275de5d1ed7269913ef9b4c64a13952c0a38e8.zip |
seccomp: Add a seccomp_data parameter secure_computing()
Currently, if arch code wants to supply seccomp_data directly to
seccomp (which is generally much faster than having seccomp do it
using the syscall_get_xyz() API), it has to use the two-phase
seccomp hooks. Add it to the easy hooks, too.
Cc: linux-arch@vger.kernel.org
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/seccomp.h')
-rw-r--r-- | include/linux/seccomp.h | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h index 2296e6b2f690..9eaa7b34d6da 100644 --- a/include/linux/seccomp.h +++ b/include/linux/seccomp.h @@ -28,11 +28,11 @@ struct seccomp { }; #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER -extern int __secure_computing(void); -static inline int secure_computing(void) +extern int __secure_computing(const struct seccomp_data *sd); +static inline int secure_computing(const struct seccomp_data *sd) { if (unlikely(test_thread_flag(TIF_SECCOMP))) - return __secure_computing(); + return __secure_computing(sd); return 0; } @@ -61,7 +61,7 @@ struct seccomp { }; struct seccomp_filter { }; #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER -static inline int secure_computing(void) { return 0; } +static inline int secure_computing(struct seccomp_data *sd) { return 0; } #else static inline void secure_computing_strict(int this_syscall) { return; } #endif |